/**
 *
 */
package com.honeybees.framework.common.util.rsa;

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * <dl>
 * <dt><b> RSA 签名、验签类 </b></dt>
 * <p>
 * <dd>功能描述</dd>
 * </dl>
 * <p>
 * Copyright (C) All rights reserved.
 * </p>
 *
 * @author 李远明
 * @author wangshupeng@symdata.cn
 * @since 2016-08-18 10:14:37
 */
public class SignatureUtils {

    private static final Logger LOGGER = LoggerFactory.getLogger(SignatureUtils.class);

    /**
     * 签名算法
     */
    public static final String SIGN_ALGORITHMS = "SHA1WithRSA";

    /**
     * <dl>
     * <dt><b> RSA签名 </b></dt>
     * <p>
     * <dd>功能描述</dd>
     * </dl>
     *
     * @param content
     *            待签名数据
     * @param privateKey
     *            商户私钥
     * @param charsetName
     *            字符集编码
     * @return 数字签名
     * @author 李远明
     * @author wangshupeng#symdata.cn
     * @version 2016-08-18 10:16:34
     */
    public static String sign(String content, String privateKey, String charsetName) {
        try {
            byte[] encodedKey = Base64.decode(privateKey); // 解密私钥
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey); // 构造PKCS8EncodedKeySpec对象
            KeyFactory keyFactory = KeyFactory.getInstance("RSA"); // 指定加密算法
            PrivateKey priKey = keyFactory.generatePrivate(keySpec);

            java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);

            signature.initSign(priKey);
            signature.update(content.getBytes(charsetName));

            byte[] signedData = signature.sign();
            return Base64.encode(signedData);
        } catch (Exception e) {
            LOGGER.error("sign error", e);
        }
        return null;
    }

    /**
     * <dl>
     * <dt><b> RSA签名 </b></dt>
     * <p>
     * <dd>功能描述</dd>
     * </dl>
     *
     * @param content
     *            待签名数据
     * @param privateKey
     *            商户私钥
     * @return 数字签名
     * @author 李远明
     * @author wangshupeng#symdata.cn
     * @version 2016-08-18 10:18:17
     */
    public static String sign(String content, String privateKey) {
        try {
            byte[] encodedKey = Base64.decode(privateKey); // 解密私钥
            PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey); // 构造PKCS8EncodedKeySpec对象
            KeyFactory keyFactory = KeyFactory.getInstance("RSA"); // 指定加密算法
            PrivateKey priKey = keyFactory.generatePrivate(keySpec);

            java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);

            signature.initSign(priKey);
            signature.update(content.getBytes());

            byte[] signedData = signature.sign();
            return Base64.encode(signedData);
        } catch (Exception e) {
            LOGGER.error("sign error", e);
        }
        return null;
    }

    /**
     * <dl>
     * <dt><b> RSA 验证签名是否正常 </b></dt>
     * <p>
     * <dd>功能描述</dd>
     * </dl>
     *
     * @param content
     *            待签名数据
     * @param sign
     *            数字签名
     * @param publicKey
     *            公钥
     * @param charsetName
     *            字符集编码
     * @return true-签名有效，false-签名无效
     * @author 李远明
     * @author wangshupeng#symdata.cn
     * @version 2016-08-18 10:21:44
     */
    public static boolean verifySignature(String content, String sign, String publicKey, String charsetName) {
        try {
            byte[] encodedKey = Base64.decode(publicKey); // 解密公钥
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA"); // 指定加密算法
            PublicKey pubKey = keyFactory.generatePublic(keySpec);

            java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);

            signature.initVerify(pubKey);
            signature.update(content.getBytes(charsetName));

            byte[] signedData = Base64.decode(sign);
            boolean result = signature.verify(signedData);
            return result;
        } catch (Exception e) {
            LOGGER.error("verifySignature error", e);
        }
        return false;
    }

    /**
     * <dl>
     * <dt><b> RSA 验证签名是否正常 </b></dt>
     * <p>
     * <dd>功能描述</dd>
     * </dl>
     *
     * @param content
     *            待签名数据
     * @param sign
     *            数字签名
     * @param publicKey
     *            公钥
     * @return true-签名有效，false-签名无效
     * @author 李远明
     * @author wangshupeng#symdata.cn
     * @version 2016-08-18 10:28:40
     */
    public static boolean verifySignature(String content, String sign, String publicKey) {
        try {
            byte[] encodedKey = Base64.decode(publicKey); // 解密公钥
            X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encodedKey);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA"); // 指定加密算法
            PublicKey pubKey = keyFactory.generatePublic(keySpec);

            java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);

            signature.initVerify(pubKey);
            signature.update(content.getBytes());

            byte[] signedData = Base64.decode(sign);
            boolean result = signature.verify(signedData);
            return result;
        } catch (Exception e) {
            LOGGER.error("verifySignature error", e);
        }
        return false;
    }

}
